Fundamentals of Cybersecurity Flashcards

1
Q

What is Information Security?

A

Protecting data and information from unauthorized access, modification, disruption, disclosure, and destruction.

2
Q

What is Information Systems Security?

A

Protecting the systems (e.g., computers, servers, network devices) that hold and process critical data.

3
Q

What does CIANA stand for?

A

Confidentiality, Integrity, Availability, Non-Repudiation, and Authentication

4
Q

Which of the five CIANA elements refers to the protection of information from unauthorized access and disclosure? It ensures that private or sensitive information is not available or disclosed to unauthorized individuals, entities, or processes.

A

Confidentiality

5
Q

Which of the five CIANA elements refers to ensuring information and data remain accurate and unchanged from their original state unless intentionally modified by an authorized individual?

A

Integrity

6
Q

Why is integrity important?

A

Ensures data accuracy, maintains trust, and ensures system operability

7
Q

What are the five ways that cybersecurity professionals keep integrity?

A
  1. Hashing - Process of converting data into a fixed-size value. Hash digest - Digital fingerprint.
  2. Digital Signatures - Use encryption to ensure integrity and authenticity.
  3. Checksums - Method to verify the integrity of data during transmission. (A checksum checks whether data has been corrupted.)
  4. Access Controls - Ensure that only authorized individuals can modify data and reduce the risk of unintentional or malicious alterations.
  5. Regular Audits - Involve reviewing logs and operations to ensure that only authorized changes have been made and any discrepancies are addressed.
8
Q

Which of the CIANA elements emphasizes the importance of having servers up and running?

A

Availability

9
Q

Why is availability important?

A

Ensuring business continuity, maintaining customer trust, organizing reputation

10
Q

How do we keep availability?

A

Redundancy - Duplication of critical components or functions of a system within the organization

11
Q

There are four types of redundancy. What are they?

A

The four redundancy types:
Server redundancy - Involves using multiple servers in a load-balanced setup so that if one is overloaded or fails, the other servers can take over the load.
Data redundancy - Involves storing data in multiple places.
Network redundancy - Ensures that if one network path fails, the data can travel through another route.
Power redundancy - Different power sources.

12
Q

Which of the CIANA elements refers to the idea that someone cannot deny the validity of their actions, such as signing a document or sending a message?

A

Non-Repudiation

13
Q

How do we keep non-repudiation?

A

Digital signature - Created by first hashing a particular message or communication to be digitally signed and then encrypting the hash digest with the user’s private key using asymmetric encryption.
Using digital signatures is important for three main reasons:
Confirming the authenticity of digital transactions
Ensuring integrity
Providing accessibility

14
Q

What are the Triple AAA’s?

A

Authentication, Authorization, Accounting

15
Q

What are the five methods of keeping authentication?

A

Five methods:
Knowledge factor - Relies on information that a user can recall, like a username or password
Possession factor - Physical item used to authenticate yourself, for example an OTP
Inherence factor - Providing a unique physical or behavioral characteristic, like a face
Action factor - Relies on a user conducting a specific action
Location factor - Relies on the user being in a specific location

16
Q

Summary of Authorization

A

Authorization protects sensitive data by giving permission to specific people.
Maintaining system integrity - Permission goes to only the few people who have the credentials to change things.
Creates a more streamlined user experience - User friendly
The right people have the right skills

17
Q

What is the definition of Accounting?

A

Definition - Security measure that ensures all user activities are properly tracked and recorded

18
Q

What are some ways companies keep accounting in cybersecurity?

A

Audit trail - Provides a chronological record of all user activities that can be used to trace changes, unauthorized access, or anomalies back to a specific user or point in time
Regulatory Compliance - Maintains a comprehensive record of all the users' activities
Forensic analysis - Uses detailed accounting and events from cybersecurity attacks
Resources Optimization -
User Accountability - Deters potential misuse
Syslog servers - Used to aggregate logs from various network devices and systems so that system administrators can analyze them to detect patterns or anomalies
Network analysis tools - Like Wireshark; capture and analyze network traffic
Security Information and Event Management (SIEM) - Provides real-time analysis of security alerts generated by various hardware and software infrastructures in

19
Q

Security type - Which one is proactive measures to thwart potential security threats, like firewalls?

A

Preventative controls

20
Q

Security type - Which one aims to discourage potential attackers by making it seem harder or less appealing, like warnings?

A

Deterrent controls

21
Q

Security type - Which one monitors and alerts organizations to malicious activities as they occur?

A

Detective controls

22
Q

Security type - Mitigates any potential damage and restores the systems to their normal states, like anti-malware software

A

Corrective Controls

23
Q

Security type - Alternative measures that are implemented when primary security controls are not effective.

A

Compensating Controls

24
Q

Security type - Often rooted in policy or documentation and sets the standards for behavior within an organization

A

Directive Controls

25
Q

Give me the four Security Controls

A
  1. Technological - Firewalls, encryption processes, intrusion detection systems
  2. Managerial Controls - Involve the governance side of security: risk assessment, security policies, training programs, and incident responses.
  3. Operational Controls - Internal processes to protect data: backup procedures, account reviews
  4. Physical Controls - Real-world measures taken to protect assets like databases, such as security guards and shredding of sensitive documents.
26
Q

Gap Analysis

A

1. Define the scope of the analysis
2. Gather data on the current state of
3. Analyze the data to identify the gaps
4. Develop a plan to bridge the gap
Two types:
Technical Gap Analysis - Evaluating an organization's current technical infrastructure.
Business - Identifying any areas where they fall short of the capabilities required to fully utilize cloud-based solutions

27
Q

Zero Trust

A

Control Plane - The overarching framework and set of components responsible for defining, managing, and enforcing
1. Adaptive identity - Uses adaptive identities that take into account the user's behavior, device, location,
2. Threat scope reduction - Limits the user's access to only what they need for their work tasks
3. Policy-driven access control - Entails developing, managing, and enforcing user access policies based on their roles
4. Secure zones - Isolated environments within a network. Policy engine - Cross-references the access request with its predefined. Policy administrator - Used to establish and manage the access policies.
5. Subject/system - Refers to the individual -
6. Policy enforcement point - Allows or restricts access and effectively acts as a gatekeeper
Zero Trust is a cybersecurity approach that assumes no user or system is trusted by default and requires continuous verification for access to the organization's resources.

28
Q

Five basic methods to ensure confidentiality

A
  1. Encryption - Process of converting data into code to prevent unauthorized access
  2. Access Controls - Ensure only authorized personnel can access certain types of data
  3. Data Masking - Method that involves obscuring data within a database to make it inaccessible to unauthorized users while retaining the real data’s authenticity and use for authorized users
  4. Physical Security Measures - Used to ensure confidentiality for physical types of data and for digital information contained on servers and workstations
  5. Training and Awareness - Conducting regular training on the security awareness best practices that employees can use to protect the organization's sensitive data